Disruption, danger and determination: Africa debates its digital ID future on the final day of ID4Africa

Disruptive new technologies such as blockchain, and disruptive uses of existing technologies such as open-source alternatives, squared up against discussions of the appropriate use of digital ID, biometrics and their associated databases on the third and final day of the ID4Africa conference in Johannesburg.

Identity Disruptors

Many delegates are representing nations which are in the position to implement whole new systems from scratch, rather than having to update existing infrastructure. A selection of technologists from around the world presented alternative ways of building biometric ID systems to reduce or prevent issues such as social exclusion.

“60% of the African population is likely to not be connected [online] by 2020,” said Bart Suichies, Head of Digital Software at SICPA, “How can we talk about the services of digital ID?” Digital exclusion compounds existing social exclusion, said Suichies, calling for the “next generation of core societal systems,” which have to work offline as well as online, physical and digital to be as accessible as possible. Rather than an overarching single system integrating with all services and that would mean total exclusion for anyone who cannot obtain ID, he proposes an ecosystem of coexisting services. “ID isn’t about how many services you provide, but how many people you reach,” said Suichies, “Governments need to go away from being the sole issuer of an ID, to a manager of an ecosystem and lead by example”.

Building trust with the public has been a recurrent theme throughout the conference. The Netherlands government runs extensive public consultation and testing, but also uses marketing. “With a marketing agency, we’re trying to build a brand,” said Rhodia Maas, director of the National Office for Identity Data, who also warned that all digital ID forms will “require a permanent focus on innovation in ID infrastructure” as citizens’ needs change, new forms of fraud arise and technology continues to evolve. Public consultation throughout is key concluded Maas: “knowledge and co-operation are the success factors for ID authorities”.

Two opposing camps presented their alternatives to countries having to buy entire proprietary systems: Mosip the entirely open source system for creating foundational ID platforms, and the Secure Identity Alliance’s OSIA open standards version. Vendor lock-in was a key concern throughout the event, which both organizations addressed head on. Ivory Coast became the latest member of SIA when it signed to join as an observer on Wednesday at ID4Africa.

Both systems are going to be adopted by African nations this year, Morocco for Mosip, and ID4Africa is advisor to both. “I hope that next year at ID4Africa there’ll not be this discussion of vendor lock-in,” concluded the chair of SIA’s IDforAll Working Group, Debora Comparin as she shared how to specify OSIA components on a tender.

Blockchain was the favorite new technology to put the end user in control of their ID. “Blockchain is the disruptor,” said Accenture’s Daniel Bachenheimer. He advocated the system for its security, distribution – no central database means the same data is available everywhere – and for the fact it can be used for interoperability between systems as it doesn’t reveal any personally identifiable information (PII).

Computer Aid International CEO Keith Sonnet recommended blockchain as a way to establish trust when public trust in government institutions is low: “blockchain lets you trust systems, you don’t have to trust anyone else”.

Joseph Atick, Executive Chairman of ID4Africa, reiterated that a lack of technology is no longer an issue, “we need to lift the political will. Our call to action is to work together to get political will. There’s a tide, a shift, something in the air, a determinism,” something he called “Africa First” as he announced that Morocco would host ID4Africa 2020.

Appropriate use of ID

Delegates were asked to question how they use their ID systems, as mission creep and allure of selling data to the private sector make the run up to the 2030 UN Sustainable Development Goal to provide legal identity to all look increasingly murky.

“Some of the worst human rights abuses we can see can be facilitated by ID cards,” said Privacy International research officer, Tom Fisher, adding that biometric systems can make this situation even worse. “Do we need biometrics?” he asked delegates, as more and more services are accessed via biometric authentication. He stressed the importance of an ecosystem approach to ID which would mean those without the ID may still be able to access some services: “Can we remove the barriers that required the ID?”.

Bronwen Manby, senior policy fellow at the London School of Economics, emphasized the possibilities of better design to better reflect a country’s reality and reduce the amount of statelessness. Manby stated that if ID is a human right then “if this ID requires a credential then that’s also a human right”.

Dr Isaac Rutenberg, senior lecturer and director at the Center for Intellectual Property and Information Technology Law in Kenya, warns that companies have learned how to turn the data we generate all day every day into money: “mission creep for me would be governments will be asking for more and more data from biometrics to bioinformation to activities, healthcare etc. All that information is extremely valuable and desired by the private sector”. He urged countries to take data seriously and to consider the real cost to individuals going through the many hurdles to register.

Rutenberg urged all countries to look towards the Data Protection Authorities (DPAs) in West Africa: “They have a brilliant idea and system where some of them are requiring all government projects be submitted to the DPA… to consider the data impact.”

Teki Akuetteh Falconer, founder of the Africa Digital Rights Hub in Ghana, stressed the need for person-centric ID schemes, “We need to go back to the basics and ask ourselves why do we need this?… We should put the person at the center. Are we going to solve that person’s problems?”.

As the discussion opened to the floor, more views on good practice were shared. “There is a dual responsibility for the state,” said Mauritian data protection commissioner Drudeisha Madhub, “if it issues a card, then it has to educate the cardholder… If a country cannot control the uses of the card, there could be an impact on democratic process”.

The issue of the location of data acquired was a concern to many. Data is frequently sent abroad for processing by non-African biometrics companies and also stored abroad. Brain-drain of skilled government workers trained in ID, biometrics and ICT is becoming an issue. The lack of public trust in systems was perhaps the overriding concern, triggering Atick into announcing that trust frameworks would be part of ID4Africa 2020 and a representative for UNECA volunteered to be part of that channel and was accepted on the spot.

In his remarks at the closing of the event, the host ambassador to ID4Africa, Thomas Sigama, acting deputy director general of South Africa’s Department of Home Affairs, said that the conference had made him proud to be African, that the amount of learning had made the event a success and it “showed that the problems are not insurmountable”.